You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2015/01/23 14:57:59 UTC
svn commit: r1654214 -
/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java
Author: coheigea
Date: Fri Jan 23 13:57:59 2015
New Revision: 1654214
URL: http://svn.apache.org/r1654214
Log:
Adding another test
Modified:
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java?rev=1654214&r1=1654213&r2=1654214&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java Fri Jan 23 13:57:59 2015
@@ -404,7 +404,71 @@ public class ModifiedRequestTest extends
fail("Failure expected on a modified EncryptedData CipherValue");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
- //the error message is not deterministic so we do not do a message comparison
+ }
+ }
+
+ /**
+ * Test for when some EncryptedData CipherValue data is modified
+ * (in the security header)
+ */
+ @org.junit.Test
+ public void testModifiedSecurityHeaderEncryptedDataCipherValue() throws Exception {
+ WSSecEncrypt builder = new WSSecEncrypt();
+ builder.setUserInfo("wss40");
+ builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
+ builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES);
+
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+ Crypto wssCrypto = CryptoFactory.getInstance("wss40.properties");
+
+ WSSecTimestamp timestamp = new WSSecTimestamp();
+ timestamp.setTimeToLive(300);
+ timestamp.build(doc, secHeader);
+
+ List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
+ WSEncryptionPart encP =
+ new WSEncryptionPart(
+ "Timestamp",
+ WSConstants.WSU_NS,
+ "");
+ parts.add(encP);
+ builder.setParts(parts);
+
+ Document encryptedDoc = builder.build(doc, wssCrypto, secHeader);
+
+ Element securityHeader =
+ WSSecurityUtil.getSecurityHeader(encryptedDoc, "");
+ Element encryptedTimestamp =
+ WSSecurityUtil.findElement(securityHeader, "EncryptedData", WSConstants.ENC_NS);
+ Element cipherValue =
+ WSSecurityUtil.findElement(encryptedTimestamp, "CipherValue", WSConstants.ENC_NS);
+ String cipherText = cipherValue.getTextContent();
+
+ StringBuilder stringBuilder = new StringBuilder(cipherText);
+ int index = stringBuilder.length() / 2;
+ char ch = stringBuilder.charAt(index);
+ if (ch != 'A') {
+ ch = 'A';
+ } else {
+ ch = 'B';
+ }
+ stringBuilder.setCharAt(index, ch);
+ cipherValue.setTextContent(stringBuilder.toString());
+
+ String outputString =
+ XMLUtils.PrettyDocumentToString(encryptedDoc);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug(outputString);
+ }
+
+ WSSecurityEngine newEngine = new WSSecurityEngine();
+ try {
+ newEngine.processSecurityHeader(doc, null, new KeystoreCallbackHandler(), wssCrypto);
+ fail("Failure expected on a modified EncryptedData CipherValue");
+ } catch (WSSecurityException ex) {
+ assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
}
}
@@ -452,7 +516,6 @@ public class ModifiedRequestTest extends
fail("Failure expected on a modified EncryptedData CipherValue");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
- //the error message is not deterministic so we do not do a message comparison
}
}
@@ -509,7 +572,6 @@ public class ModifiedRequestTest extends
fail("Failure expected on a modified Signature Reference");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
- assertEquals("The signature or decryption was invalid", ex.getMessage());
}
}
@@ -538,7 +600,6 @@ public class ModifiedRequestTest extends
fail("Failure expected on an untrusted Certificate");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
- assertEquals("The signature or decryption was invalid", ex.getMessage());
}
}
@@ -574,7 +635,6 @@ public class ModifiedRequestTest extends
fail("Failure expected on a modified Signature element");
} catch (WSSecurityException ex) {
assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.FAILED_CHECK);
- assertEquals("The signature or decryption was invalid", ex.getMessage());
}
}